<?
require_once 'php/functions.php';

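/**
 * Produce the 9-character upper-case hex activation code mailed to new users.
 *
 * The code is accepted as a login credential by the activation branch of
 * authentificate(), so it is drawn from the platform CSPRNG when one is
 * available. The md5(time().rand()...) construction is kept only as a
 * last-resort fallback for runtimes that offer neither source; it is
 * predictable and should not be relied on.
 *
 * NOTE(review): 9 hex characters is about 36 bits. The length is kept because
 * the column width and URL route are not visible here; a longer code plus
 * rate limiting on the activation route would be preferable.
 *
 * @return string 9 characters from [0-9A-F]
 */
function _authentificate_new_code() {
	$raw = false;
	if (function_exists('random_bytes')) {
		$raw = random_bytes(5);
	} elseif (function_exists('openssl_random_pseudo_bytes')) {
		$raw = openssl_random_pseudo_bytes(5);
	}
	$hex = ($raw !== false && strlen($raw) === 5)
		? bin2hex($raw)
		: md5(time().rand().rand().rand());
	return strtoupper(substr($hex, -9));
}

/**
 * E-mail based login / registration endpoint.
 *
 * Three paths, selected from the request:
 *  - ?code=...      activation link: marks the account activated, logs the
 *                   user in and redirects to the app.
 *  - ?submit=email  POSTed address: known and activated accounts are logged
 *                   in directly; unknown ones get a new activation mail.
 *  - otherwise      prints the e-mail form.
 *
 * Reads $_GET, $_POST and $_SESSION, writes the user session through
 * usession_set(), sends mail, emits headers and HTML, and calls exit on every
 * path except the plain form and the invalid-address case.
 *
 * NOTE(review): the ?submit=email path authenticates an existing account on
 * the address alone; no proof of mailbox control is asked for at that step,
 * so knowing a registered address is enough to obtain that user's session.
 * Sending a fresh one-time link for every login would close this.
 * NOTE(review): nothing here clears or expires auth_email_code after use, so
 * the mailed link appears to stay valid as a login credential; confirm
 * whether updateAndSetUserData() or another job rotates it.
 * NOTE(review): usession_set() is opaque from here; confirm that the session
 * id is regenerated when 'authentificated' is set.
 * NOTE(review): no request throttling is visible; each POST with a new valid
 * address sends a mail.
 *
 * @return void
 */
function authentificate() {
	global $_MISC,$_DB,$master_crypt;

	// Defined up front so the form at the bottom never reads an unset variable.
	$email = '';

	$code = isset($_GET['code']) ? $_GET['code'] : '';
	if ($code) {
		// Only a plain string can be a code; ?code[]=... is treated as invalid.
		$userInfo = false;
		if (is_string($code) && check_validation_code($code)) {
			$userInfo = get_user_from_code($code);
		}
		// The row can be gone between the two queries; never log in a null email.
		if (!empty($userInfo['email'])) {
			updateAndSetUserData($userInfo['email'],array(
				'auth_email_activated'=>1));
			usession_set('authentificated', true);
			usession_set('email', $userInfo['email']);
			usession_set('auth_mode', 'email');

			//everything is ok, redirect the user back
			header("Location: {$_MISC['app-url']}");
		} else {
			echo 'Activation code is invalid. Maybe you entered the wrong url?';
		}
		exit;
	}

	if (isset($_GET['submit']) && $_GET['submit'] === 'email') {
		$posted = isset($_POST['email']) ? $_POST['email'] : '';
		$email = is_string($posted) ? strtolower($posted) : '';

		// validEmail() is defined elsewhere; CR/LF is rejected here as well
		// because $email is handed to mail() as the recipient.
		if (!validEmail($email) || strpbrk($email, "\r\n") !== false) {
			?><p class=".error">The provided email is not valid!</p><?php
		} else {
			if (check_user_exists_and_mail_valid($email)) {
				usession_set('authentificated', true);
				// Store the normalised address that was actually looked up,
				// not the raw POST value.
				usession_set('email', $email);
				usession_set('auth_mode', 'email');
				//everything is ok, redirect the user back
				// Header goes out before any body output, otherwise the
				// redirect is lost once output has started.
				header("Location: {$_MISC['app-url']}");
				echo "success";
				exit;
			} else {
				$activationcode = _authentificate_new_code();
				updateAndSetUserData($email,array(
					'auth_email'=>1,
					'email'=>$email,
					'regdate_email'=>date('Y-m-d H:i:s'),
					'regdate_first'=>isset($_SESSION['regdate_first']) ? $_SESSION['regdate_first'] : null,
					'auth_email_code'=>$activationcode,
					// NOTE(review): passed as a literal string; whether this
					// increments the counter depends on updateAndSetUserData().
					'auth_email_regcounter'=>"'auth_email_regcounter'+1",
					'auth_email_activated'=>0));
				// The session is deliberately not marked authenticated here;
				// that happens only when the activation link is opened.

				// NOTE(review): the return value is discarded; kept in case
				// encrypt_b64() has side effects - confirm and remove if not.
				$master_crypt->encrypt_b64(json_encode(array('email'=>$email)));
				$activationurl="{$_MISC['app-url']}/auth/email/code/$activationcode";
				mail(
					$email,
					"Your Activation Code for the new In Legend Pre Listening",
					"Thank you for connecting with In Legend Facebook app \nYour activation code is <a href=\"$activationurl\" target=\"_blank\">$activationurl</a><br><br>Order your copy of Ballads n Bullets at <a href=\"http://goo.gl/3H0Fm\">Amazon</a><br><br>we are:! <a href=\"http://www.inlegend.de\">www.inlegend.de</a>",
					"MIME-Version: 1.0\r\nContent-type: text/html; charset=utf-8\r\nFrom: legends@inlegend.de\r\nReply-To: legends@inlegend.de\r\n"
				);
				if (!isset($_GET['mode']) || $_GET['mode'] !== 'js') {
					echo "You've got an email with an activation url. If you don't recieve the mail in the next 15 minutes, check your Spam folder and try again. <br>You are now being redirected to the streaming app. Enjoy the music!";
					?><script type="text/javascript">window.setTimeout(function(){window.location.href="<?=$_MISC['app-url']?>";},2000);</script><?php
				} else {
					header("Location: {$_MISC['app-url']}?action={'todo':'showBox','param':{'url':'box/mailwait'}}&notshowloginbox=true");
				}
				exit;
			}
		}
	}
	// $email is request data (and may have just failed validation), so it is
	// HTML-escaped before being written into the attribute.
	?><p>Just enter your email to register! If you already registered, enter your email and you'll be directly authentificated.</p>
		<form method=post action="<?="{$_MISC['app-url']}/auth/email/submit/email"?>" value="<?=htmlspecialchars($email, ENT_QUOTES, 'UTF-8')?>">
		<input name=email><input type=submit><?php
}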
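/**
 * Tell whether an activation code identifies exactly one user.
 *
 * The code comes straight from the request, so anything that is not a
 * non-empty string is rejected before the database is touched. The lookup
 * uses a prepared statement with a bound parameter.
 *
 * Exactly one matching row is required: a code shared by several rows
 * validates for nobody.
 *
 * @param mixed $code activation code as received from the URL
 * @return bool true when exactly one `user` row carries this code
 */
function check_validation_code($code) {
	global $_DB;
	if (!is_string($code) || $code === '') {
		return false;
	}
	$qcode = $_DB->prepare("SELECT COUNT(*) FROM `user` WHERE `auth_email_code` =  :code");
	$qcode->execute(array('code'=>$code));
	// Loose comparison on purpose: the driver may hand the count back as a string.
	return $qcode->fetchColumn() == 1;
}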
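/**
 * Decide whether an address belongs to an account that may log in directly.
 *
 * An account qualifies when it is flagged auth_facebook, or when it is both
 * registered by e-mail (auth_email) and activated (auth_email_activated).
 *
 * get_userInfo() is defined elsewhere; an empty result (no such user) is
 * treated as "not allowed" instead of being indexed as an array.
 *
 * NOTE(review): the auth_facebook branch does not require that the e-mail
 * address was ever confirmed; the caller logs such a user in on the address
 * alone - confirm this is intended.
 *
 * @param string $email normalised e-mail address to look up
 * @return bool true when the account exists and is cleared for direct login
 */
function check_user_exists_and_mail_valid($email) {
	$userInfo = get_userInfo($email);
	if (empty($userInfo)) {
		return false;
	}
	$viaFacebook = isset($userInfo['auth_facebook']) && $userInfo['auth_facebook'] == 1;
	$viaEmail = isset($userInfo['auth_email_activated']) && $userInfo['auth_email_activated'] == 1
		&& isset($userInfo['auth_email']) && $userInfo['auth_email'] == 1;
	return $viaFacebook || $viaEmail;
}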

/**
 * Load the `user` row that carries the given activation code.
 *
 * The code is bound as a statement parameter, never concatenated into SQL.
 * The return value is whatever the statement's fetch() yields; with PDO
 * that is presumably false when no row matches, so callers should check it.
 *
 * @param string $code activation code
 * @return mixed result of fetch() on the prepared statement
 */
function get_user_from_code($code) {
	global $_DB;
	$statement = $_DB->prepare("SELECT * FROM `user` WHERE `auth_email_code`=:code");
	$bound = array('code'=>$code);
	$statement->execute($bound);
	$row = $statement->fetch();
	return $row;
}
?>